On the Tractable Counting of Theory Models and its Application to 
Belief Revision and Truth Maintenance 
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Abstract 

We introduced decomposable negation normal form 
(DNNF) recently as a tractable form of propositional 
theories, and provided a number of powerful logical 
operations that can be performed on it in polynomial 
time. We also presented an algorithm for compiling any 
conjunctive normal form (CNF) into DNNF and 



vi ped a structure-based guarantee on its space and time 



prn- 



complexity. We present in this paper a linear-time al- 
gorithm for converting an ordered binary decision dia- 
gram (OBDD) representation of a propositional theory 
into an equivalent DNNF, showing that DNNFs scale 
as well as OBDDs. We also identify a subclass of DNNF 
which we call deterministic DNNF, d-DNNF, and show 
that the previous complexity guarantees on compiling 
DNNF continue to hold for this stricter subclass, which 
has stronger properties. In particular, we present a 
new operation on d-DNNF which allows us to count its 
models under the assertion, retraction and flipping of 
every literal by traversing the d-DNNF twice. That is, 
after such traversal, we can test in constant-time: the 
entailment of any literal by the d-DNNF, and the con- 
sistency of the d-DNNF under the retraction or flipping 
of any literal. We demonstrate the significance of these 
new operations by showing how they allow us to imple- 
ment linear-time, complete truth maintenance systems 
and linear-time, complete belief revision systems for 
two important classes of propositional theories. 



Introduction 

Knowledge compilation has been emerging recently as a 
new direction of research for dealing with the computa- 
t ional intractability of general propositional reasonin g 
(ISclman fc Kautz March 1996| ; |Cadoli fc Donini 19971) . 
According to this approach, the reasoning process is 
split into two phases: an off-line compilation phase and 
an on-line query-answering phase. In the off-line phase, 
the propositional theory is compiled into some target 
language, which is typically a tractable one. In the 
on-line phase, the compiled target is used to efficiently 
answer a (potentially) exponential number of queries. 
The main motivation behind knowledge compilation is 
to push as much of the computational overhead as pos- 
sible into the off-line phase, in order to amortize that 
overhead over all on-line queries. 



One of the key aspects of any compilation approach 
is the target language into which the propositional the- 
ory is compiled. Previous compilation approaches have 
proposed Horn theories, prime implicates/implicants, 
and ordered binary decisi on diagrams (OBDDs) as tar- 
gets for such compilation ( Selman fc Kautz March 199(j; 
Gadoli fc Donini 1997); [Marquis 1995| ; [Boufkhad ej 
al. 1997| ; pryant 1992 ). A more recent compila- 



tion target languag e is decomposab l e negation nor- 
mal form (DNN F) ( parwiche 1999a| ; parwiche 199g| ; 
Darwiche 1999b). DNNF is universal^ supports a 



rich set of polynomial-t ime operations; i s more space- 
efficient than OBDDs ( Darwiche 1999b ); and is very 
simplistic as far as its structure and algorithms are 
concerned . Propositional t heories in DNNF are highly 
tractable ( Darwiche 1999b| ): 



1. Deciding the satisfiability of a DNNF can be done in 
linear time. 

2. Conjoining a DNNF with a set of literals can be done 
in linear time. 

3. Projecting a DNNF on some atoms can be done in 
linear time. Intuitively, to project a theory on a set 
of atoms is to compute the strongest sentence entailed 
by the theory on these atoms. 

4. Computing the minimum- cardinality of a DNNF can 
be done in linear time. The cardinality of a model 
is the number of atoms that are set to false in the 
model. The minimum-cardinality of a theory is the 
minimum-cardinality of any of its models. 

5. Minimizing a DNNF can be done in quadratic time. 
To minimize a theory is to produce another theory 
which models are exactly the minimum-cardinality 
models of the original theory. 

6. Enumerating the models of a DNNF can be done in 
time linear in its size and quadratic in the number of 
its models. 

This paper rests on two key contributions. First, 
we show that DNNF re presentations scale as well as 
OBDD representations ( Bryant 1992 ) by presenting a 
linear-time algorithm for converting an OBDD repre- 
sentation of a propositional theory into an equivalent 
DNNF representation. Second, we identify a subclass 



of DNNF, which we call deterministic DNNF, d-DNNF, 
and present a new linear-time operation for counting 
its models under the assertion, retraction and flipping 
of literals. In particular, we show how to traverse a 
d-DNNF only twice and yet compute: its number of 
models under the assertion, retraction and flipping of 
each literal. This allows us to test in linear time: the 
consistency of the d-DNNF under the assertion, retrac- 
tion and flipping of each literal, therefore, allowing us 
to implement linear-time, complete truth maintenance 
and belief revision systems. 

What is interesting though is that two of our key com- 
plexity results with respect to DNNF compilations con- 
tinue to hold with respect to the subclass of d-DNNF. 
This includes a structure-based algorithm which can 
compile any CNF into an equivalent DNNF in linear 
t ime given that t he treewidth of the CNF is bounded 
(Darwiche 1999a). It also includes the newly proposed 



algorithm for converting any OBDD into an equivalent 
DNNF in linear time. 

This paper is structured as follows. We first review 
DNNF, introduce the class of deterministic DNNF and 
then discuss the new operation for model counting. We 
follow that by discussing the application of this count- 
ing operation to truth maintenance, belief revision, and 
model-based diagnosis systems. We finally close with 
some concluding remar ks. Proofs of all r esults are avail- 
able in the full paper (Darwiche 2000b). 



Deterministic DNNF 

A propositional sentence is in negation normal form 
(NNF) if it is constructed from literals using only the 
conjoin and disjoin operators. Figure [l] shows a sen- 
tence in NNF depicted as a rooted, directed acyclic 
graph where the children of each node are shown below 
it in the graph. Each leaf node represents a literal and 
each non-leaf node represents a conjunction or a dis- 
junction. We allow true and — ifalse to appear as leaves 
in a DNNF to denote a conjunction with no conjuncts. 
Similarly, we allow false and -itrue as leaves to represent 
a disjunction with no disjuncts. The size of an NNF is 
measured by the number of edges in its graphical repre- 
sentation. Our concern here is mainly with a subclass 
of NNFs: 



Definition 1 (Darwiche 



1999cj) 



decomposable negation normal form (DNNF) is a nega- 
tion normal form satisfying decompos ability property: 
for any conjunction /\ { ai appearing in the form, no 



ato m is shared by any pair of CO TIJ UflC ts in /\j 



The NNF {A V B) A {-<A VC) is not decomposable since 
atom A is shared by the two conjuncts. But the NNF in 
Figure is decomposable. It has ten conjunctions and 
the conjuncts of each share no atoms. Decomposability 
is the property which makes DNNF tractable. 

One of the key operations on DNNF is that of condi- 
tioning: 




A=>B 



B=>C 



C=>D 



Figure 2: A decomposition tree for the theory A D B, 
BdC,C D D. 



tional sentence and let 7 be an instantiation!^ The 
conditioning of a on 7, written a | 7, is the sentence 
resulting from replacing each atom p in a with true if 
the +ve literal p appears in 7 and with false if the -ve 
literal ->p appears in 7. 

For example, conditioning the DNNF (->A A ->B) V (B A 
C) on instantiation B /\D gives (-lAA-itrue) V (true AC) 
and conditioning it on -^B A D gives (—iA A -ifalse) V 
(false A C). Conditioning is a key operation because it 
allows us to conjoin a DNNF A with some instantiation 
a (which may share atoms with A) while ensuring that 
the result is also a DNNF. Specifically, (A | a) A a 
is a DNNF which is equivalent to A A a and can be 
computed in time linear in the size of A. 

We now introduce the class of deterministic DNNF: 

Definition 3 A deterministic DNNF (d-DNNF) is a 
DNNF satisfying the following property: for any dis- 
junction \J. ai appearing in the form, every pair of dis- 
juncts in \J ■ ai are disjoint. 

For example, (A A B) V C is a DNNF but is not deter- 
ministic since the disjuncts AAB and C are not disjoint. 
However, the DNNF (AAB)V(^AAC) is deterministic. 
Note that although every DNF is a DNNF, not every 
DNF is a d-DNNF. 

The main value of d-DNNF is the ability to count 
its models in linear time and under the assertion, re- 
traction and flipping of literals. Such operations will 
be discussed in the following section. In the remain- 
der of this section we present two results that hold for 
DNNF, but continue to hold for d-DNNF. The first is a 



structure-ba sed algorithm that we introduced in (Dar 



wiche 1999a) for converting a CNF into a DNNF. The 



Definition 2 (Darwiche 1999a) Let a be a proposi 



algorithm utilizes a decomposition tree, which is a bi- 
nary tree the leaves of which correspond to the CNF 
clauses — see Figure Each decomposition tree has a 
width and the complexity of the algorithm is exponen- 
tial only in the width of used tree. The algorithm is 
given with a slight modification in Figure [|. The only 

An instantiation of a set of atoms is a conjunction of 
literals, one literal for each atom in the set. 




Figure 1: A theory in DNNF. The theory has eight models, representing the odd-cardinality models: -*AAB AC AD; 
A A -i-B AC AD; A A B A ~^C AD; A A B AC A -iD; ->A A ->B A -*C A D; -*A A ->B AC A -iD; ->A ABA -*C A -iD; 
AA^BA^CA^D. 



diff erence be tween this version and the one in ( |Dar- 



wic he 1999a|) is that we have Cl2ddnnf( clause(N) \ a) 
instead of clause(N) | a, therefore, converting a clause 
to a d-DNNF at the boundary condition. 



Theorem 1 (Darwiche 1999a) Let N be the root 
of decomposition tree 1 ' used in Figure |J. Then 
CNf2ddnnf(7V, a) will return A | a in DNNF, where A 
contains the clauses attached to the leaves of T . More- 
over, the time and space complexity of the algorithm is 
0(nw2 w ), where n is the number of clauses in A and 
w is the width of decomposition tree T. 

Theorem 2 The DNNF returned by the algorithm in 
Figure Q is deterministic. 

The class of CNF theories with bounded treewidth is 



defined in (Darwiche 1999a), where it is shown that, for 
this class of theories, one can construct in linear time 
a decomposition tree of bounded width. Therefore, one 
can compile a d-DNNF of linear size for this class of 
theories. 

Binary decision diagrams (BDDs) are among the 
most successful re presentations of propositional theo- 
ries (Bryant 1992). Two special classes of BD Ds, OB- 
DDs and 1'BDDs. are especially popular given (Gergov 
fc Meinel 19~94] |Sieling k Wegener 1995| ): 



- the number of linear-time operations they support 
and 

- the number of real-world theories that admit efficient 
OBDD/FBDD representations. 

We now present a linear-time algorithm for converting 
an FBDD into an equivalent d-DNNF, showing that d- 
DNNFs scale as well as FBDDs (which include OBDDs 
as a subclass). We start by the formal definitions of 
BDDs, OBDDs, and FBDDs. 

Definition 4 A binary decision diagram (BDD) over 
a set of binary variables X — {x\, . . . , x n } is a di- 
rected acyclic graph with one root and at most two 



Algorithm cnf2ddnnf 

/* N is a node in a decomposition tree */ 
/* a is an instantiation */ 

cnf2ddnnf(A^, a) 

ip*— project (a, atoms(N)) 

if CACHEjv(VO 7^ NIL , return CACHEjv('0) 

if N is a leaf node, 
then 7^ Cl2ddnnf( clause(N) | a) 
else 7<— V /3 CNF2DDNNF(A r ; , a A (i)A 

cnf2ddnnf(AV, ol A 0) A (3 
where (3 ranges over all instantiations 
of atoms (Ni) (~1 atoms (N r ) — atoms (a) 

CACHE jvO/>)<— 7 

return 7 



Figure 3: Compiling a CNF into d-DNNF. Each node 
N in the decomposition tree has an associated cache 
CACHEjv; Ni and N r are the left and right children 
of node N, respectively; clause(N) returns the clause 
attached to leaf node N; atoms(N) are the atoms of 
clauses appearing under node N; atoms(a) returns the 
atoms appearing in instantiation a; project {a, A) re- 
turns the subset of instantiation a pertaining to atoms 
A; and Cl2ddnnf(/3) returns a d-DNNF of clause (3. 



leaves labeled and 1. Each non-leaf node m is la- 
beled by a variable var(m) G X and has two outgo- 
ing edges labeled and 1, where low(m) and highfjn) 
denote the nodes pointed to by these edges, respec- 
tively. The computation path for input (<xi, . . . ,a n ), 
where ai G {0,1}, is defined as follows. One starts 
at the root. At inner node m, where var(m) — Xi, one 
moves to node low{m) if a, = and to node high{m) 
otherwise. The BDD represents the Boolean function f 
if the computation path for each input (a%, . . . , a n ) leads 
to the leaf node labeled with f(a±, . . . , a n ). 



Algorithm fbdd2ddnnf 

/* m is a node in an FBDD */ 
fbdd2ddnnf(to) 
if CACHE (to) 7^ NIL, return CACHE(m) 
if 771 is a leaf node labeled with 1, then 7^true 
else if m is a leaf node labeled with 0, then 7 <— false 
else 7^fbdd2ddnnf(/ow(to)) A ^x t 
Vfbdd2ddnnf(/m<7/i(?ti)) Ai, 
where var(m) = Xi 
CACHe(to)^7 
return 7 



Figure 4: Converting an FBDD into a d-DNNF. 
CACHE(m) stores the d-DNNF computed for the FBDD 
rooted at node m. 



The size of a BDD is measured by the number of nodes 
it contains. 

Definition 5 A binary decision diagram is called a 
free BDD (FBDD) if on each computation path each 
variable is tested at most once. A free BDD is called an 
ordered BDD (OBDD) if on each computation path the 
variables are tested in the same order. 



OBDDs are a strict subclass of FBDDs QBryant 1991] ) 
and have received much consideration in the verification 
literature, where they are used to test the equivalence 
between the specs of a Boolean function and its circuit 
implementation. OBDDs/FBDDs permit such a test 
to be performed in polynomial time. Their popularity 
stems from the existence of efficient OBDD/FBDD rep- 
resentations of many complex, real-world prepositional 
theories. DNNF is more space-efficient than FBDDs 



(Darwiche 19991), but this should not be surprising as 
FBDDs admit more linear-time operations than does 
DNNF. For example, the equivalence of two DNNFs 
cannot be decided in polynomial time while it can for 
FBDDs. 

Figure ^ depicts a recursive algorithm for converting 
an FBDD into a DNNF, showing that DNNFs scale as 
well as FBDDs. The algorithm should be called on the 
root of given FBDD: 



Theorem 3 \Darwiche 1999q) The algorithm of Fig- 
ure Q takes time linear in the size of given FBDD and 
returns a DNNF of the theory represented by the given 
FBDD. 

Theorem 4 The DNNF returned by the algorithm of 
Figure Q is deterministic. 

This has major implications on our reported results re- 
garding truth maintenance and belief revision systems, 
as it proves, constructively, that we can build efficient 
truth maintenance and belief revision systems for any 
propositional theory which has an efficient FBDD rep- 
resentation. Figure || depicts an FBDD and its cor- 
responding d-DNNF as generated by the algorithm of 
Figure ||. 



Counting Models of d-DNNF 

We now turn to an operation on d-DNNF which is of 
major significance to a number of AI applications, in- 
cluding belief revision, truth maintenance and diagno- 
sis. Specifically, given a d-DNNF A and a set of literals 
S, we describe two traversal operations each taking lin- 
ear time. By the end of the first traversal, we will be 
able to count the models of A U S. By the end of the 
second traversal, we will be able to count the models 
of: 

1. AUSU{(} for every literal I S; 

2. A U S \ {1} for every literal I e S; 

3. A U S \ {1} U {->l} for every literal I e S. 

That is, once we traverse the d-DNNF twice, we will 
be able to obtain each of these counts using constant- 
time, lookup operations. As we shall see in the following 
section, these counts are all we need to implement an 
interesting number of AI applications. 

The traversal will not take place on the d-DNNF it- 
self, but on a secondary structure that we call the count- 
ing graph. Without loss of generality, we will assume 
from here on that the d-DNNF is smooth: 

Definition 6 A DNNF is smooth iff 

1. every literal and its negation appear in the DNNF; 

2. for any disjunction \J i oti in the DNNF, we have 
atoms (\J . cti) — atoms(cti) for every on. 

The d-DNNF in Figure |l| is smooth as it satisfies these 
two conditions. We can easily make a DNNF smooth 
using two operations: 

1. If the negation of literal I does not appear in the 
DNNF, replace the occurrence of I with iV(->? Afalse); 

2. For each disjunction Vi a -t) replace the disjunct on 
with ot{ A A J 4gs(^ V where £ are the atoms 
appearing in \] i on but not in on. 

These operations preserve both the decomposability 
and determinism of a DNNF. They may increase the 
size of given DNNF but only by a factor of 0(n), where 
n is the number of atoms in the DNNF. This increase 
is quite minimal in practice though. Note that the d- 
DNNFs generated by the algorithm of Figure [| satisfy 
the first condition; and the d-DNNFs generated by the 
algorithm of Figure || satisfy the second condition as 
long as CL2DDN NF(c/aMse(AQ | a ) satisfies some simple 
conditions; see ( Darwiche 2000b| ). 

The counting graph of a d-DNNF is a function of 
many variables represented as a rooted DAG. 

Definition 7 The counting graph of a smooth d- 
DNNF is a labeled, rooted DAG. It contains a node 
labeled with I for each literal I, a node labeled with + 
for each or-node, and a node labeled with * for each 
and-node in the d-DNNF. There is an edge between two 
nodes in the counting graph iff there is an edge between 
their corresponding nodes in the d-DNNF. 




Figure 5: An FBDD and its corresponding DNNF, which are equivalent to (#2 A X3) V (x% A -1X2 A -1x3). 



Figure ^ depicts the counting graph of the d-DNNF 
in Figure ED. The size of a counting graph is therefore 
equal to the size of its corresponding d-DNNF. We will 
see now how such a graph can be used to perform the 
counting operations we are interested in. 

Definition 8 The value of a node N in a counting 
graph under a set of literals S is defined as follows: 

- val(N) — if N is labeled with literal I and ->l £ S; 

- VAh(N) — 1 if N is labeled with literal I and ->l ^ S; 

- val(A) = FJ i VAl(7V 1 ) if N is labeled with *, where 
Ni are the children of N ; 

- val(N) = J2i VAL (Ni) if N is labeled with +, where 
Ni are the children of N . 

The value of a counting graph G under literals S, writ- 
ten G(S), is the value of its root under S. 

Here's our first counting result. 

Theorem 5 Let A be a smooth d-DNNF, S be a set 
of literals, and let G be the counting graph of A. The 
value of G under S is the number of models o/AUS: 

G(S) = Models#(AljS). 

Note that G(S) > iff A U S is consistent. Therefore, 
by traversing the counting graph once we can test the 
consistency of d-DNNF A conjoined with any set of 
literals S. Figure @ depicts the counting graph of d- 
DNNF A in Figure^, evaluated under the literals S = 
A, -i£?. This indicates that AU{A, ~^B} has two models. 

We now present the central result in this paper. First, 
we note that when viewing a counting graph G as a 
function of many variables, we will use Vi to denote the 
variable (node) which corresponds to literal I. Second, 
we can talk about the partial derivative of G(S) with 
respect to any of its variables Vi , <9G(S) /dVi . Due to the 
decomposability of d-DNNF, the function G(S) is linear 
in each of its variables. Therefore, the change to the 
count G(S) as a result of adding, removing or flipping a 



literal in S can be obtained from the partial derivatives, 
without having to re-evaluate the counting graph G. 
This leads to the following consequential result: 

Theorem 6 Let A be a smooth d-DNNF, S be a set of 
literals, and let G be the counting graph of A. We have: 

Assertion: When l,->l £ S: 

Models#(A U S U {I}) = dG(S)/dVi. 

Retraction: When I € S: 

Models#(A U S \ {I}) = dG(S)/dVi + dG(S)/dV^. 

Flipping: When I £ S: 

Models#(A U S \ {1} U 

= G(S)-dG(S)/dVi + dG(S)/dV^i. 

Therefore, if we can compute the partial derivative of 
G(S) with respect to each of its variables, then we can 
count the models of A U S under the assertion of new 
literals not in S, and under the retraction or flipping of 
literals in S. Figure depicts the value of each of these 
partial derivatives for the d-DNNF in Figure |I| The 
counting graph is evaluated under literals S = A, -*B, C 
and the partial derivatives are shown below each vari- 
able. According to these derivatives, we have: 

Assertion: Models^ (A U S U {D}) = 1 and 
Models4{A U S U {-'£>}) = 0. This immediately tells 
us that A U S |= D. 

Retraction: Models#(A U S \ {A}) = 1 + 1 = 2: 
Models#(AuS\{^B}) = 1+1 = 2; and Models#{AU 
S\{G}) = 1 + 1 = 2. Therefore, retracting any literal 
in S increases the number of models to 2. 

Flipping: Models#(Al)S\{A}l){^A}) = 1-1 + 1 = 1: 
Models#(A u S \ {>£} U {B}) = 1-1 + 1 = 1: 
Models#(A U S \ {G} U {-.G}) =1-1 + 1 = 1. 
Therefore, flipping any literal in S will not change 
the number of models (although it does change the 
model itself). 



2 




Figure 6: A counting graph of the DNNF A in Figure |l| evaluated under S = A, ^B. The evaluation indicates that 
A U S has two models (A A ->B A C A D and A A -<B A -<C A in this case). 
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Figure 7: A counting graph of the DNNF A in Figure [I] evaluated under literals S = A, ->B, C, indicating one model 
of A U S (A A -iB A C A D in this case). Partial derivatives are shown below the leaves. 

where the contribution of parent M to its child N is 
computed as follows: 

!pd(M), M is a +node; 

PD(M) J[ val(K), M is a *node; 

where if is a child of M. This computation can be 
performed by first traversing the counting graph once 
to evaluate it, assigning val to each node N, and then 
traversing it a second time, assigning pd for each node 
N. We are then mainly interested in VAL(iV) where N 
is the root node, and PD(7V) where TV is a leaf node. 

Therefore, both the value of a counting graph un- 
der some literals S and the values of each of its par- 
tial derivatives under S can be computed by traversing 
the graph twice. Once to compute the values, and an- 
other to compute the partial derivatives. Note that such 
traversal needs to be redone once the set of literals S 
changes. 

We close this section by pointing out that partial dif- 
ferentiation turns out to play a key role in probabilistic 



There is one missing link now: How do we compute 
the partial derivatives of a counting graph with respect 
to each of its variables? This actually turns out to 



be easy due to results in ( Masao 1984 ; Guntcr Rote 
199(|) which show how to evaluate and simultaneously 
compute all partial derivatives of a function by sim- 
ply trav ersing its computati on graph in linear time. Al- 
though ( Guntcr Rote 1990| ) casts such computation in 



terms of summing weights of paths in such a graph, we 
present a more direct implementation here. In partic- 
ular, if we let PD(iV) denote the partial derivative of 
G(S) with respect to a node N in the counting graph, 
then pd(AT) is the summation of contributions made by 
parents M of N: 



1, N is the root node; 

PD(JV) = ^CPD(Af,7V), otherwise; 

M 



reasoning as well. Specifically, we present a co mpre 



hcn sive fram ework for probabilistic reasoning in (Dar- 



wicl e 2000a ) based on compiling a Bayesian network 



into a polynomial and then reducing a large number 
of probabilistic queries into the computation of partial 
derivatives of the compiled polynomial. 

Complete, Linear-Time Truth 

Maintenance 

We now turn to some applications of the results in the 
previous section. That is, what can we do once we are 
able to count models under the conditions stated above? 

We first consider truth maintenance systems and 
show how our results allow us to implement complete 
truth maintenance systems which take linear time on 
two important classes of propositional theories: those 
with bounded treewidth, and those admitting a linear 
FBDD representation. For each class of such theories, 
we can compile a smooth d-DNNF A in linear time and 
then use it for truth maintenance as follows .R 

A truth maintenance system takes a set of clauses T 
and a set of literals S and tries to determine for each 
literal I whether T U S |= /. The most common truth 
maintenance system is the one based on closing T U S 
under unit resolution ( Forbus fc de Kleer 1993 ). Such 
a system takes linear time, but is incomplete. Given 
that the set of literals in S changes to S', the goal of a 
truth maintenance system is then to update the truth 
of each literal under the new "context" S'. Sometimes, 
clauses in T are retracted and/or asserted. A truth 
maintenance system is expected to update the truth of 
literals under such clausal changes too. 

Our model-counting results allow us to implement 
a complete truth maintenance system as follows. We 
compile the theory T into a smooth d-DNNF A and 
construct the counting graph G of A. Given any set 
of literal S, we evaluate G under S and compute its 
partial derivatives also under S. This can be done in 
time linear in the size of A. We are now ready to answer 
all queries expected from a truth maintenance system 
by simple, constant-time, look-up operations: 

Literal I is entailed by A U S iff A U S U {^1} has no 
models: dG{S)/dV^i = 0. 

Retracting literal / from S will render A U S consistent 
iff A U S \ {1} has at least one model: dG(S)/dVi + 
dG{S)/dV^i > 0. 

Flipping literal I in S will render A U S consistent iff 
A U S \ {1} U {^1} has at least one model: G(S) - 
dG(S)/dVi + dG(S)/dV-,i > 0. | 

If we want to reason about the assertion/retraction 
of clauses in theory T, we can replace each clause a in T 

2 We are assuming that smoothing a d-DNNF does not 
increase its size by more than a constant factor. 

3 Note that the flipping of literals is outside the scope of 
classical truth maintenance systems in the sense that they 
must retract I and then assert -^l, taking linear time, to 
perform the above operation. 



by C a = a, where C a is a new atom that represents the 
truth of clause a. We then compile the extended the- 
ory r into d-DNNF A. To assert all clauses initially, 
we have to include all atoms C a in the set of literals 
S. The assertion/retraction of clauses can then be em- 
ulated by the assertion/retraction of atoms C a . For 
example, in case of a contradiction, we can ask whether 
removing a clause a will resolve the contradiction by 
asking whether A U S \ {C Q } has more than one model: 

dG(S)/dV Ca +dG(S)/dV^ Ca > 0. 



Complete, Linear-Time Belief Revision 

We now turn to a second major application of model 
counting on d-DNNF: the implementation of a very 
common class of belief revision systems, which is 
adopted in model-based diagnosis and in certain forms 
of default reasoning. The problem here is as follows. 
We have a set of special atoms D = {di, ■ ■ ■ , d n } in the 
theory T which represent defaults. Typically, we as- 
sume that all of these defaults are true, allowing us to 
draw some default conclusions. We then receive some 
evidence S (a set of literals) which is inconsistent with 
ruD. We therefore know that not all defaults are true 
and some must be retracted — that is, some diS will have 
to be replaced by ~^di in D. Our goal then is to identify 
a set of literals D' such that 

1. di e D' or -idi G D' for all i; 

2. T U D' U S is consistent; 

3. the number of negative literals in D' is minimized; 

and then then report the truth of every literal under the 
new set of defaults D'. Note that there may be more 
than one set of defaults D' that satisfies the above prop- 
erties. In such literal holds after the revision 
process only if it holds under T U D' U S for every D'. 

How can we do this? As we shall see now, if V is a 
smooth d-DNNF, then all of this can be done in time 
linear in the size of T! 

This works exactly as in the previous section, except 
that we have to minimize the d-DNNF first, a pr ocess 



which elimin ates some of the d-DNNF models (Dar 



sviche 1999b). To define this minimization process more 
precisely, we need the following definition first: 

Definition 9 If Y, is a set of atoms, then the S- 
cardinality of a model is the number of atoms in £ that 
the model sets to false. 

To ^-minimize a theory T is to convert it into an- 
other theory whose models are exactly the models of 
T having a minimum ^-cardinality. Consider the d- 
DNNF r in Figure [l] for an example and suppose that 
£ = {A, B, C, D}; that is, we want to minimize the d- 
DNNF with respect to each of its atoms. This theory 
has eight models, each having an odd cardinality (one 
or three). If we E-minimize this d-DNNF, we obtain 
another with four models, shown in Figure 0. 



Given these definitions, we can re-phrase the problem 
of belief revision (stated above) as follows. Let E be 
a set of atoms representing defaults, and let T be a 
smooth d-DNNF. Given observation S, E-minimize the 
theory T U S to yield A and then report on the truth of 
each literal under the minimized theory A. 

As it turns out, one can minimize a smooth d-DNNF 
in linear time, to yield another smooth d-DNNF to 
which we can apply the techniques of the previous sec- 
tion. We now describe the process of min imizing a 



DNNF which is described in more details in (Darwiche 
199Q). We do this in a two-step process 

1. We assign a cardinality to every node in the d-DNNF 
as follows: 

(a) each literal whose atom is not in E gets cardinality 
zero; 

(b) each positive literal whose atom is in E gets cardi- 
nality zero; 

(c) each negative literals whose atom is in E gets car- 
dinality one; 

(d) the cardinality of a disjunction is the min of its 
disjuncts' cardinalities; 

(e) the cardinality of a conjunction is the summation 
of its conjuncts' cardinalities. 

2. For each or-node N and its child M, we delete the 
edge connecting N and M if the cardinality of N is 
smaller than the cardinality of M. 

Figure || depicts the result of assigning cardinalities to 
the d-DNNF of Figure 0, and Fi gure depicts the result 
of deleting some of its edges. This is the minimized d- 
DNNF and it has four models: 

->A A B A C A D; 

AA^B AC AD; 

AAB A^C AD; 

AAB AC A^D. 

Once we have minimized the d-DNNF, we can apply the 
results of the previous section to obtain the answers we 
want. 

As an example, Figure M depicts the counting graph 
of the minimized d-DNNF - A in Figure |[ with its value 
and partial derivatives computed under the observation 
S = \^A}. From these partial derivatives and Theo- 
rem pL we immediately get: 

Assertion: Models#(Al)Sl){^B}) = 0; Models#{A\J 
S U {-.C}) = 0; Models#(A U S U {->£>}) = 0. That 
is, B, C and D are all entailed by A U S. 

Retraction: Models#{A U S \ {^A}) = 1 + 3 = 4. 
That is, we have four models if we retract ->A. 

Flipping: Models#(AllS\{^A}U{A}) = 1-1+3 = 3. 
That is, we have three models if we flip -<A to A. 



Predicting the Behavior of Broken 
Devices 

The above results have direct application to model- 
based diagnosis, where A is the device description, S 
is the device observation and D contains the health 
modes ok\, . . . , ok n . Initially, we assume that all device 
components are working normally, but then find some 
observation S such that A Li T) = {ok%, ... , ok n } U S is 
inconsistent. 

To regain consistency we must postulate that some 
of the components are not healthy, therefore, flipping 
some of the ofcjS into ->oki in the set D. Assuming 
a smallest number of faults, we want to minimize the 
number of unhealthy components needed to regain con- 
sistency. A set D' such that: 

1. oki e D' or -ioki £ D' for all i; 

2. A U D' U S is consistent; 

3. the number of negative literals in D' is minimized; 

is called a minimum- cardinality diagnosis and one goal 
of model-based diagnosis to enumerate such diagnose s 
QDarwichc 199^ ; |dc Klccr, Mackworth, fc Rcitcr 1992Q . 

Another practical problem, however, which has re- 
ceived much less attention in model-based diagnosis is 
the following: Assuming a smallest number of faults, 
what is the truth value of every literal appearing in 
the device description A? That is, we do not want to 
know what the minimum-cardinality diagnoses are. In- 
stead — and under the assumption that one of them 
has materialized — we want to predict the behavior of 
the given faulty device. But this is exactly the problem 
we have treated in the previous section. 

Therefore, our results allow us to predict the value of 
each device port (literal I) in a broken device, assuming 
that the number of broken components is minimal, in 
time linear in the size of device description A, as long as 
A is a smooth d-DNNF. We are unaware of any similar 
complexity result for model-based diagnosis. 

Conclusion 

We have identified two classes of prepositional theo- 
ries, those which have a bounded treewidth, and those 
which have a linear-sized FBDD representation. We 
have shown that each of these classes of theories can 
be converted in linear time into a tractable form that 
we called deterministic DNNF, d-DNNF. We have also 
defined linear-time, model-counting operations on d- 
DNNF, allowing us to implement (a) linear-time, com- 
plete truth maintenance systems and (b) linear-time, 
complete belief revision systems for the two identified 
classes of prepositional theories. Our results also have 
major implications on the practice of model-based diag- 
nosis as they allow us to efficiently predict the behavior 
of a broken device, assuming a smallest number of bro- 
ken components. 




and 



Figure 8: Assigning a cardinality to each node in a d-DNNF with £ = {A, B, C, D}. 




and 



and 



Figure 9: A minimized d-DNNF. 
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